forked from m4ll0k/BBTz
-
Notifications
You must be signed in to change notification settings - Fork 0
/
bugmenot.py
58 lines (54 loc) · 1.93 KB
/
bugmenot.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
#!/usr/bin/python
# m4ll0k - github.com/m4ll0k
# Get shared credentials for your bug bounty targets or for anything else
import requests
import sys
from lxml import html
def getFromBugMenot(target):
try:
return requests.get(
'http://bugmenot.com/view/{}'.format(
target
)
)
except Exception as e:
sys.exit(
print(e)
)
def main(target):
print('[ + ] Get shared credentials for.. '+str(target))
r = getFromBugMenot(target)
if r.status_code == 200:
print('[ + ] Showing credentials...\n')
tree = html.fromstring(r.content)
tree_xpath = tree.xpath('//article[@class="account"]')
if tree_xpath != []:
for account_len in range(len(tree_xpath)):
# process
cols = []
vals = []
for subroot in tree_xpath[account_len].xpath('//dl'):
cols = subroot.xpath('//dt/text()')
for n in cols:
if n == 'Stats:':
cols.pop(cols.index(n))
vals = subroot.xpath('//dd/kbd/text()')
for credentials in zip(cols,vals):
print('\t{}\t{}'.format(
credentials[0].split(':')[0] if len(credentials[0]) > 6 else credentials[0].split(':')[0]+"\t",credentials[1]
))
print("\t"+('-'*50))
print('')
break
else:
print('Not found anything for '+str(target))
if __name__ == "__main__":
if len(sys.argv) == 1:
print('\nUsage:\n\tpython3 bugmenot.py <target>\n\tpython3 bugmenot.py <target1> <target2> ..\n')
print('Coded by m4ll0k (@m4ll0k2) github.com/m4ll0k\n')
sys.exit()
elif len(sys.argv) == 2:
main(sys.argv[1])
elif len(sys.argv) > 2:
for i in sys.argv[1:]:
main(i)